Operation PowerOFF warns 75,000 DDoS users as 53 domains go dark

Europol-backed Operation PowerOFF has issued warnings to 75,000 users, seized 53 domains and widened the crackdown on DDoS-for-hire services.

A wider net for DDoS-for-hire users

International law enforcement has widened a crackdown on the DDoS-for-hire landscape, issuing warnings to more than 75,000 people identified as users of booter services during the latest phase of Operation PowerOFF. Authorities also took down 53 domains, made four arrests and issued 25 search warrants as part of a multinational enforcement push.

The operation, supported by Europol and involving authorities from 21 countries, shows how investigators are no longer focusing solely on platform operators. They are now moving deeper into the customer base that keeps these illegal services profitable and widely accessible.

Booter platforms remain an easy entry point

Booter and stresser services are typically marketed as tools for legitimate stress testing, but, in practice, they are widely used to overwhelm websites, gaming services, businesses and public institutions with malicious traffic. Some users even turn to them to carry personal vendettas against other individuals. Their low cost and ease of use have long lowered the barrier to launching disruptive attacks.

That accessibility is what makes them dangerous. By packing DDoS capabilities as an on-demand service, operators turn cyber disruption into a retail-style market, allowing inexperienced users to launch attacks with little technical knowledge.

From takedowns to prevention

This phase of PowerOFF looks designed not only to disrupt infrastructure, but also to change behavior. Europol says the operation is entering a prevention stage that includes awareness campaigns, search-result disruption and warning messages linked to illicit payments.

Authorities also removed more than 100 URLs promoting illegal DDoS services and used search ads to intercept young people looking for attack tools, hinting at an attempt to shrink demand for booter services and not just seize domains.